The high-severity bug, tracked as CVE-2021-1529, is an OS command-injection flaw.
Cisco SD-WAN implementations are vulnerable to a high-severity privilege-escalation vulnerability in the IOS XE operating system that could allow arbitrary code execution.
Cisco’s SD-WAN portfolio allows businesses of all sizes to connect disparate office locations via the cloud using various networking technologies, including standard internet connections. Appliances at each location enable advanced analytics, monitoring, application-specific performance specifications and automation for any connection across a company’s wide-area network.
IOS XE, meanwhile, is the vendor’s operating system that runs those appliances. It’s a combination of a Linux kernel and a monolithic application that runs on top of that kernel.
The bug (CVE-2021-1529) is an OS command-injection issue, a class of flaw that lets attackers run unexpected, dangerous commands directly on the operating system, commands that normally wouldn’t be accessible to them. It specifically exists in the command-line interface (CLI) for Cisco’s IOS XE SD-WAN software, and could allow an authenticated, local attacker to execute arbitrary commands with root privileges.
“The vulnerability is due to insufficient input validation by the system CLI,” according to Cisco’s advisory, posted this week. “A successful exploit could allow the attacker to execute commands on the underlying operating system